diff options
| author | 2023-01-10 22:31:30 +0000 | |
|---|---|---|
| committer | 2023-01-10 22:31:30 +0000 | |
| commit | d630a52799b8c2488e73d075653e5147fc0e881d (patch) | |
| tree | b45835ad27a2ba379b1ad265ae1e439e1a4706f1 | |
| parent | 3abf3b4e63e7cc3d43d149ac5183c63d293651e0 (diff) | |
| parent | 07fcc8317a55c9cd6ed96dcb1c08aa79a1edb3af (diff) | |
Merge "Checking if package belongs to UID before registering broadcast receiver" into rvc-qpr-dev
| -rw-r--r-- | services/core/java/com/android/server/am/ActiveServices.java | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/am/ActiveServices.java b/services/core/java/com/android/server/am/ActiveServices.java index f22cb0b0db50..7fcf2dc76718 100644 --- a/services/core/java/com/android/server/am/ActiveServices.java +++ b/services/core/java/com/android/server/am/ActiveServices.java @@ -2517,6 +2517,11 @@ public final class ActiveServices { throw new SecurityException("BIND_EXTERNAL_SERVICE failed, " + className + " is not an isolatedProcess"); } + if (AppGlobals.getPackageManager().getPackageUid(callingPackage, + 0, userId) != callingUid) { + throw new SecurityException("BIND_EXTERNAL_SERVICE failed, " + + "calling package not owned by calling UID "); + } // Run the service under the calling package's application. ApplicationInfo aInfo = AppGlobals.getPackageManager().getApplicationInfo( callingPackage, ActivityManagerService.STOCK_PM_FLAGS, userId); |